package com.biz.service.auth.impl;

import java.util.Collection;
import java.util.Iterator;

import org.springframework.security.access.AccessDecisionManager;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityConfig;
import org.springframework.security.authentication.InsufficientAuthenticationException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;

public class AccessDecisionManagerImpl implements AccessDecisionManager  {

	public void decide(Authentication authentication, Object object, Collection<ConfigAttribute> configAttributes)
			throws AccessDeniedException, InsufficientAuthenticationException {
			if(configAttributes == null){  
	            return ;  
	         }  
	         Iterator<ConfigAttribute> ite=configAttributes.iterator();  
	        while(ite.hasNext()){  
	             ConfigAttribute ca=ite.next();  
	             String needRole=((SecurityConfig)ca).getAttribute();  
	            for(GrantedAuthority ga:authentication.getAuthorities()){  
	                if(needRole.equals(ga.getAuthority())){  
	                    return;  
	                 }  
	             }  
	         }  
	        throw new AccessDeniedException("no right");  
	}

	
	public boolean supports(ConfigAttribute arg0) {
		return true;
	}

	
	public boolean supports(Class<?> arg0) {
		return true;
	}

}
